Offensive Emails addressed to Plusnet domain, I use my own domain
I have my own domain which I have been using for a long time (since before I joined Plusnet in 2003.
I always use the email format <name>@<mydomain> which shares a mailbox with <name>@<plusnetname>.plus.com
I have a number of such mailboxes. I do not use the ...plus.com format for sending any emails on the internet.
I have recently received emails demanding payment by bitcoin to three of my <name>@<plusnetname>.plus.com email accounts.
As these email addresses have never been used on the Internet I am at a loss as to know how the perpetrators of this scam have obtained these three email addresses. They are only known to Plusnet.
I raised a support question on 14 November asking for this to be investigated, as there seems to be a possibility that Plusnet might have had a security breach. I can think of no other way in which these three email address could have been found by the scammer. One of my three own domain email addresses that has been scammed is only used vary rarely.
I have received many updates to the support ticket since it was raised - in each case putting the ticket on hold for several more days. I telephoned on Monday to complain about the lack of response and was promised a call yesterday. No call was received and the ticket was placed ion hold until 15 December. While typing this post however it has been removed from hold again and gone back to the customer support centre.
Has anyone else had any similar issues?
Would I be justified in reporting this as a potential data breach to the Information Commissioner's Office? I have refrained from doing this so far hoping that PlusNet could offer me some form of plausible explanation as to how this might have happened..
Professionally I was a network security architect until I recently retired.
Re: Offensive Emails addressed to Plusnet domain, I use my own domain
I am disappointed to see that your question has not been responded to - staff coverage around here is very thin.
I note from your forum profile that you have been around here for a while ... and I'm wondering if your tenure with Plusnet pre-dates your forum registration date?
Do you recall the webmail service compromise many years ago where webmail email addresses were harvested from one vulnerable server which missed being updated? Is it possible that is when / where the exposure occurred?
Note that you can, if you wish, turn off receiving email addressed to youraccount.plus.com ... but be careful that you do not cripple email@example.com (or whatever is the name of your default / contact email address).